Feature #5668: eve: optionally add rule fast_pattern - Suricata - Open Information Security Foundation

Actions

Copy link

Feature #5668

closed

PA OD

eve: optionally add rule fast_pattern

Feature #5668: eve: optionally add rule fast_pattern

Added by Philippe Antoine over 3 years ago. Updated 9 months ago.

Status:

Rejected

Priority:

Normal

Assignee:

OISF Dev

Target version:

TBD

Effort:

Difficulty:

Label:

Description

like a configurable metadata...

Related issues 1 (1 open — 0 closed)

PA Updated by Philippe Antoine over 3 years ago Actions
Copy link
#1

Related to Task #5488: Suricon 2022 brainstorm added

VJ Updated by Victor Julien over 3 years ago Actions
Copy link
#2

Subject changed from Output fast_pattern used by rule in eve.json to eve: optionally add rule fast_pattern

I can see how this is a convenience, but I also think this is trivial to get from the --engine-analysis's rules.json currently. Yes it requires a bit of post-processing, but nothing to complex.

PA Updated by Philippe Antoine 9 months ago Actions
Copy link
#3

Status changed from New to Rejected

So, not a goal

Actions

Copy link

Also available in: PDF Atom

Project

General

Profile

Suricata

Custom queries

Feature #5668

eve: optionally add rule fast_pattern

PA Updated by Philippe Antoine over 3 years ago Actions
Copy link
#1

VJ Updated by Victor Julien over 3 years ago Actions
Copy link
#2

PA Updated by Philippe Antoine 9 months ago Actions
Copy link
#3

Project

General

Profile

Suricata

Custom queries

Feature #5668

eve: optionally add rule fast_pattern

PA Updated by Philippe Antoine over 3 years ago ActionsCopy link #1

VJ Updated by Victor Julien over 3 years ago ActionsCopy link #2

PA Updated by Philippe Antoine 9 months ago ActionsCopy link #3

PA Updated by Philippe Antoine over 3 years ago Actions
Copy link
#1

VJ Updated by Victor Julien over 3 years ago Actions
Copy link
#2

PA Updated by Philippe Antoine 9 months ago Actions
Copy link
#3